nginx: Bug Report: ngx_palloc.c:ngx_reset_pool
Fredrik Yhlen
hallonsorbet900 at gmail.com
Tue Jun 15 05:28:40 MSD 2010
--- nginx-0.8.35/src/core/ngx_palloc.c 2009-12-17 04:25:46.000000000
-0800
+++ nginx-0.8.35.fixed/src/core/ngx_palloc.c 2010-04-18
19:28:43.680353209 -0700
@@ -105,9 +105,10 @@
}
pool->large = NULL;
+ pool->d.last = (u_char *) pool + sizeof(ngx_pool_t);
- for (p = pool; p; p = p->d.next) {
- p->d.last = (u_char *) p + sizeof(ngx_pool_t);
+ for (p = pool->d.next; p; p = p->d.next) {
+ p->d.last = (u_char *) p + sizeof(ngx_pool_data_t);
}
}
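Review bot: the new loop body `p->d.last = (u_char *) p + sizeof(ngx_pool_data_t);` is only correct if every block after the first begins with nothing but an ngx_pool_data_t header, so please confirm it matches the offset used where those blocks are first appended to the chain. An offset smaller than the real header would let later allocations overwrite the header, and this hunk does not show that code. The asymmetry between the first block and the rest also deserves a one-line comment above the two assignments, because without it the separate `pool->d.last` reset reads like a leftover rather than the point of the fix.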
This is my first time reporting a bug, so please be careful reading this bug
report.
Only the first pool in the linked list uses ngx_pool_t; the others use
ngx_pool_data_t.
The problem is that when the pools are reset through ngx_reset_pool, it resets
every pool's d->last to pool + sizeof(ngx_pool_t), thereby creating
an unused memory chunk through further allocations.
The program should reset d->last of the first pool to pool +
sizeof(ngx_pool_t) and the rest to pool + sizeof(ngx_pool_data_t).
Best regards, Fredrik Yhlen
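The effect described in the report, as an added example that is not part of the original message and is not nginx source: a simplified C model of a pool chain that counts the bytes left usable after each style of reset. The struct layouts and the names `model_pool_t`, `model_pool_data_t`, `model_block` and `usable_after_reset` are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified stand-ins for ngx_pool_data_t and ngx_pool_t (assumed layout). */
typedef struct model_pool_s model_pool_t;
typedef struct {
    unsigned char *last;   /* next free byte in this block */
    unsigned char *end;    /* one past the end of the block */
    model_pool_t  *next;   /* next block in the chain */
} model_pool_data_t;
struct model_pool_s {
    model_pool_data_t d;   /* header present in every block */
    size_t max;            /* fields below are used by the first block only */
    model_pool_t *current;
    void *large;
};

/* Allocate one block; "hdr" is the header size reserved at its start. */
static model_pool_t *model_block(size_t size, size_t hdr) {
    model_pool_t *p = malloc(size);
    if (p == NULL) abort();
    p->d.last = (unsigned char *) p + hdr;
    p->d.end = (unsigned char *) p + size;
    p->d.next = NULL;
    return p;
}

/* Build a chain, reset it the old or the patched way, return usable bytes. */
static size_t usable_after_reset(int nblocks, size_t size, int patched) {
    model_pool_t *pool = model_block(size, sizeof(model_pool_t)), *p = pool, *n;
    size_t rest = patched ? sizeof(model_pool_data_t) : sizeof(model_pool_t);
    size_t total = 0;
    for (int i = 1; i < nblocks; i++, p = p->d.next)
        p->d.next = model_block(size, sizeof(model_pool_data_t));
    /* First block: both versions reset it past the full header. */
    pool->d.last = (unsigned char *) pool + sizeof(model_pool_t);
    for (p = pool->d.next; p; p = p->d.next)
        p->d.last = (unsigned char *) p + rest;   /* the offset the patch changes */
    for (p = pool; p; p = n) {
        n = p->d.next;
        total += (size_t) (p->d.end - p->d.last);
        free(p);
    }
    return total;
}

int main(void) {
    printf("before: %zu usable bytes, after: %zu\n",
           usable_after_reset(4, 1024, 0), usable_after_reset(4, 1024, 1));
    return 0;
}
```

In this model the old reset loses `sizeof(model_pool_t) - sizeof(model_pool_data_t)` bytes in every block after the first; the waste is unused space, not an out-of-bounds write, because the old offset is larger than the header actually present.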